Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211301.roa
File: AS211301.roa (raw, json)
Hash identifier: QlYjMt+PWwi82qGqQpaZVmDaDPoH68Z3RpuWkGNvqeE=
Subject key identifier: 4B:7D:F6:25:F0:9C:CB:9B:4F:CD:84:0F:72:1A:9A:21:77:40:FB:94
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6B638323D4F40F6CFC54AC64365F434730A0306B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211301.roa
Signing time: Thu 28 Mar 2024 00:00:13 +0000
ROA not before: Wed 27 Mar 2024 23:55:13 +0000
ROA not after: Thu 27 Mar 2025 00:00:13 +0000
asID: 211301
IP address blocks: 179.61.138.0/24 maxlen: 24
179.61.251.0/24 maxlen: 24
179.61.253.0/24 maxlen: 24
181.214.99.0/24 maxlen: 24
181.214.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:63:83:23:d4:f4:0f:6c:fc:54:ac:64:36:5f:43:47:30:a0:30:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 27 23:55:13 2024 GMT
Not After : Mar 27 00:00:13 2025 GMT
Subject: CN=4B7DF625F09CCB9B4FCD840F721A9A217740FB94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0d:b2:bb:70:44:8b:71:02:3a:04:09:4d:86:
7b:9c:89:5e:80:75:4f:fd:59:16:24:33:73:af:d3:
06:50:a6:75:70:fd:4e:55:72:e6:df:39:26:8f:05:
c3:a6:23:fa:17:25:fb:21:6b:e9:80:bd:80:ee:93:
5f:f4:cc:e0:06:0d:85:1b:2c:3a:b0:b6:20:3d:d2:
5f:0a:6b:18:1d:7c:82:ee:38:f5:b2:4c:12:42:df:
cd:fd:70:4e:83:42:17:8d:0f:6a:a5:5b:04:35:31:
4f:96:7e:51:fe:da:9d:64:71:47:b8:a6:36:0c:f0:
09:4d:e2:2e:2c:a4:11:55:6d:6c:fc:ab:9d:63:3f:
44:0c:a0:14:5d:6d:39:77:b9:95:a9:86:c4:ff:8f:
74:3b:00:01:95:9b:b1:cc:91:b0:5d:6d:dc:1c:ea:
5e:90:ab:ca:58:5a:21:39:78:0a:27:da:21:95:6e:
6c:27:69:85:2b:e9:df:7a:f6:c7:f4:8c:54:19:a9:
1c:cf:d4:e3:2b:eb:0d:7d:56:38:1e:31:e0:09:7c:
13:27:4c:0a:6a:37:3c:81:9f:e5:59:87:fb:f8:bf:
b0:06:f8:ce:29:9f:69:d7:68:37:14:a4:04:f2:20:
30:a3:bc:e4:40:29:5a:88:bd:d6:2c:51:da:fb:1d:
11:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7D:F6:25:F0:9C:CB:9B:4F:CD:84:0F:72:1A:9A:21:77:40:FB:94
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211301.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.138.0/24
179.61.251.0/24
179.61.253.0/24
181.214.99.0/24
181.214.231.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:c3:1a:a0:60:e6:6d:74:c6:60:2b:9f:76:af:cf:96:1a:73:
23:ee:fb:83:88:f5:d7:26:fe:7e:df:b0:f9:b1:48:62:5b:03:
78:56:42:8c:97:e2:54:26:30:45:77:08:c5:f1:c7:ff:06:46:
04:84:28:df:c6:5c:56:85:e9:03:d2:c4:b8:b0:22:3a:6c:5b:
4c:e0:58:ea:ad:15:2a:e4:f6:41:11:21:c1:c6:8c:7c:c8:0c:
fa:fa:c1:42:8e:64:50:29:c0:ff:7e:6b:e3:32:c0:2a:72:49:
47:f4:5c:f1:eb:29:8f:dc:5b:fd:85:10:c0:23:a6:73:01:1c:
81:99:9d:c4:0a:ae:35:55:70:7a:f2:a9:e0:65:d7:f1:8a:5c:
cc:5f:58:d2:19:3c:51:33:2b:8b:9a:1c:ff:29:e1:2c:79:32:
c7:13:56:38:f9:c1:1f:e2:3e:6f:da:60:f6:59:41:86:2d:ad:
4a:74:cc:71:ad:9d:8b:be:0a:12:9a:4b:c1:ec:ef:3c:e6:12:
0e:02:be:af:4e:80:34:00:71:c6:21:b2:1f:fc:e3:d9:81:af:
84:9c:57:bf:8e:1b:a5:ff:60:75:bb:0b:2c:dc:87:0a:75:9a:
50:05:28:9c:aa:85:1d:10:78:03:5e:56:30:bc:82:c3:21:e1:
94:34:07:51
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUa2ODI9T0D2z8VKxkNl9DRzCgMGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMjcyMzU1MTNaFw0yNTAzMjcwMDAwMTNaMDMxMTAvBgNV
BAMTKDRCN0RGNjI1RjA5Q0NCOUI0RkNEODQwRjcyMUE5QTIxNzc0MEZCOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqDbK7cESLcQI6BAlNhnuciV6A
dU/9WRYkM3Ov0wZQpnVw/U5VcubfOSaPBcOmI/oXJfsha+mAvYDuk1/0zOAGDYUb
LDqwtiA90l8KaxgdfILuOPWyTBJC3839cE6DQheND2qlWwQ1MU+WflH+2p1kcUe4
pjYM8AlN4i4spBFVbWz8q51jP0QMoBRdbTl3uZWphsT/j3Q7AAGVm7HMkbBdbdwc
6l6Qq8pYWiE5eAon2iGVbmwnaYUr6d969sf0jFQZqRzP1OMr6w19VjgeMeAJfBMn
TApqNzyBn+VZh/v4v7AG+M4pn2nXaDcUpATyIDCjvORAKVqIvdYsUdr7HRF3AgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUS332JfCcy5tPzYQPchqaIXdA+5QwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjExMzAxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAsz2K
AwQAsz37AwQAsz39AwQAtdZjAwQAtdbnMA0GCSqGSIb3DQEBCwUAA4IBAQAewxqg
YOZtdMZgK592r8+WGnMj7vuDiPXXJv5+37D5sUhiWwN4VkKMl+JUJjBFdwjF8cf/
BkYEhCjfxlxWhekD0sS4sCI6bFtM4FjqrRUq5PZBESHBxox8yAz6+sFCjmRQKcD/
fmvjMsAqcklH9Fzx6ymP3Fv9hRDAI6ZzARyBmZ3ECq41VXB68qngZdfxilzMX1jS
GTxRMyuLmhz/KeEseTLHE1Y4+cEf4j5v2mD2WUGGLa1KdMxxrZ2LvgoSmkvB7O88
5hIOAr6vToA0AHHGIbIf/OPZga+EnFe/jhul/2B1uwss3IcKdZpQBSicqoUdEHgD
XlYwvILDIeGUNAdR
-----END CERTIFICATE-----
Generated at Fri May 10 02:01:22 2024 by rpki-client on console-ams.rpki-client.org